graphify

What's new

• Fix: .tsx files now use language_tsx grammar for JSX-aware parsing -- previously language_typescript was used, silently dropping all JSX-specific nodes from .tsx files (#766)
• Fix: edges key in saved graph JSON now normalised to links before loading -- prevents KeyError: 'links' on graphs written by older NetworkX versions in query, path, explain, and serve (#768)
• Fix: Google Workspace gws export drops unsupported resourceKey query param -- Drive API requires it as an HTTP header; sending it as a query param was a silent no-op (#772)
• Security: eleven hardening fixes -- Cypher escape strips C0 control chars and \n/\r; YAML frontmatter escapes U+2028, U+2029, tabs, and C0; MCP sanitize_label applied to all LLM-derived fields; C preprocessor blocked from #include exfiltration via -nostdinc -I /dev/null; merge-driver 50 MB file size cap and 100k node cap; detect_backend() places Ollama last so paid API keys take precedence over ambient OLLAMA_BASE_URL; Neo4j --password reads from NEO4J_PASSWORD env var by default; hooks exception handling narrowed to (configparser.Error, OSError)
• Refactor: skill YAML descriptions rewritten to be trigger-oriented -- describe what invokes the skill rather than its internal pipeline (#774)
• Refactor: generated CLAUDE.md / AGENTS.md / GEMINI.md templates strengthened with ALWAYS/NEVER/IF ... EXISTS graph-first directives (#775)

Install / upgrade

pip install -U graphifyy